SlideShare ist ein Scribd-Unternehmen logo

Cyber Security in Banking: 4 trends to watch in 2017

Phaidon International
Phaidon International

Selby Jennings Singapore Cyber Security specialists discuss the trends to watch across Cyber Security in the Banking industry in 2017.

Personalbeschaffung & Personalwesen
1 von 9
Downloaden Sie, um offline zu lesen
INDUSTRY INSIGHT CYBER SECURITY IN BANKING: 4 TRENDS TO WATCH IN 2017
www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers Cybersecurity consistently dominates headlines; where attacks are becoming increasingly sophisticated, frequent and ambitious. From last year’s Democratic Party email leaks to the huge data breach at Yahoo, it appears no one – and no industry – is completely safe from the threat of cybercrime. Cyber Secruity is a global concern, and is causing particular concern in Asia. In 2016, Japan witnessed its largest banking hack; 14,000 ATM cash withdrawals and ¥1.8bn / $18m SGD. It is no secret that the frequency of sophisticated cyber- attacks on the banking sector has increased.Across the APAC region, the financial sector has been hit hard.There were a number of high-profile incidents in 2016 including the Bitfinex bitcoin exchange hack in Hong Kong and the Bangladesh Central Bank heist.“$81.3bn SGD Revenues lost to cyber- attacks in the Asia-Pacific region in the 12 months; of a global total of $315bn. SGD”1 . Across 2016, large scale heists took place inTaiwan, Malaysia and Thailand. Cybersecurity standards and protocols have been set up across the region, yet it remains vulnerable to attacks. With the increasing frequency of sophisticated attacks the industry is in urgent need of robust, comprehensive cyber-security programs, supported by rigorous levels of governance, risk and compliance, to avoid becoming victims of an attack. 35% of all cyber-attacks are targeted towards the banking community making it an industry priority to optimise cyber resilience and enhance incident response preparedness to protect data and mitigate risks associated with money laundering and fraud. Below are 4 cybersecurity trends we expect to see in Banking across the APAC in 2017. INTRODUCTION
Industry Insight | Enabling Exceptional Careers 1. Chief Cybercrime Officer Many banking institutions are beginning to appreciate the gravity of the situation and are looking for some way (or someone) to tackle the issue of cybersecurity head-on. As such, a new role of Chief Cybercrime Officer (CCO) has already been advertised by many within the industry where banks are looking to appoint senior staff with daily responsibility for protection against cyberattacks. The CCO role will be task tasked with, ensuring the company is “cyber-ready”, taking responsibility for preventing breaches and taking the lead to manage problems and provide a vital link between the board members and the rest of the company. 2.Third-party vendor security A business might have the right security systems and policies in place to protect itself from a cyberattack, but does its third-party providers and supply chain have that same level of security and diligence? If the answer is ‘no’, there is another vulnerability for the business and its customers, who could find themselves victims of a cyberattack. One such example; SWIFT had been a trusted provider within the international banking industry. If you received a SWIFT message, you could be confident it was a legitimate transfer. But that was before hackers used malware to take control of SWIFT’s messaging app and send fraudulent SWIFT messages.This led to the theft of $81 million SGD from Bangladesh’s central bank. In 2017 Banks need to make third-party risk management a priority if they are to avoid similar attacks. They must find their weaknesses and tighten policies, to prevent sub-standard security measures and systems providing the gateway for major exposures. 3.The growing threat; Ransomware 2017 will see a further rise in Ransomware which often offers hackers a simple and lucrative way to make fast money. For the organizations affected, it means not just a ransom payment, but also the loss of operations, employee unease and severe brand damage. According toTrend Micro,Ransomware is predicted to grow by 25% in 20172 . Over the coming year, we will see attacks becoming more targeted and spreading into IoT devices, PoS systems, and ATMs. By encrypting data, hackers are able to demand huge sums of money from organizations. It has become a threat that many banks have to suffer in silence; if customers were alerted to the fact that a firm was infected with Ransomware,the damage to the brand would be irreparable. 4 CYBER SECURITY TRENDS IN 2017
4. IT security skills shortage The reality is that cyberattacks far outpace cyber-defense due to the clear shortfall in the cybersecurity workforce.There are currently more than one million cybersecurity job vacancies around the world.However,until that skills shortage is filled, the banking sector (and many others) will struggle to manage cybersecurity risks. According to a report by Intel Security, 82% of the IT decision-makers believe there is a shortage of cybersecurity skills within their organization with 71% of respondents agreeing that this shortage is doing their businesses ‘direct and measurable damage’.3 Cybersecurity recruitment For the banking sector to overcome these barriers, 2017 needs to be a year of innovative solutions and a new approach to how we build the cybersecurity workforce. Hiring talent on a temporary basis is often the only route available for under-staffed security teams. That’s why the CISO-as-a-service or virtual CISO model is taking off and we expect it to grow further throughout the year4 . • Security Director/ Manager • Cyber Risk Manager • Security Architect • Information Assurance Manager • CISO/ CSO • SOC Director/ Manager • Forensics Investigator • IT Audit • PenetrationTester • Cloud Security
CYBERSECURITY 2017 SALARIES 2017
www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers $0 $50,000 $100,000 $150,000 $200,000 $250,000 Associate Analyst/Manager AVP/SrAVP VP SVP/Director Security Operations Intelligence Forensic Investigation Architecture CYBERSECURITY Cybersecurity Years Security Operations Intelligence Forensic Investigation Architecture Associate 0 - 3 $54,000 - $60,000 $54,000 - $60,000 $60,000 - $80,000 $48,000 - $60,000 Analyst/Manager 3-6 $60,000 - £80,000 $60,000 - $80,000 $60,000 - $80,000 $65,000 - $75,000 AVP/SrAVP 5-10 $80,000 - $150,000 $80,000 - $160,000 $75,000 - $150,000 $80,000 - $130,000 VP 8-15 $160,000 - $180,000 $165,000 -$200,000 $160,000 - $180,000 $140,000 - $170,000 SVP/Director 15 $180,000 - $220,000 $200,000 - $240,000 $185,000 - $220,000 $175,000 - $190,000
www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers $0 $50,000 $100,000 $150,000 $200,000 $250,000 Associate Analyst/Manager AVP/SrAVP VP SVP/Director Risk Control Governance Risk TECHNOLOGY RISK Technology Risk Years Risk Control Governance Risk Associate 0 - 3 $54,000 - $60,000 $48,000 - $60,000 Analyst/Manager 3-6 $60,000 - $80,000 $65,000 - $75,000 AVP/SrAVP 5-10 $80,000 - $150,000 $80,000 - $130,000 VP 8-15 $160,000 - $180,000 $140,000 - $170,000 SVP/Director 15 $180,000 - $220,000 $175,000 - $190,000
Last year we placed candidates in over 66 countries from our global office network. We were proud to be named Banking Recruitment Company of the year 2016 – Recruitment International APAC Awards (Singapore) and will continue to innovate our services to meet the changing demands of the sector. We were also named one of the 1000 Companies to Inspire Britain by the London Stock Exchange and Number 1 in the in the SundayTimesTop 100 Small Companies to Work For. If you’re interested in any specific additional data to support your business needs, or should you require specific information on general market trends, look into strategizing the position of the IT Security team internally or looking to have discussion on partnering with our team to enhance your Cyber Security mandates get in touch: Ishan.Daniel@selbyjennings.com. Please note that the above salary surveys cover a significant proportion of the market, within vastly different Investment Banks taking into account different levels of seniority. If you would like to learn more about what you should be earning or paying, specific to your individual circumstances, please do get in touch. Our Consultants in the FIFX EquitiesTeam will be happy to help: enquiries@SelbyJennings.com. Sources: https://www.ft.com/content/38e49534-57bb-11e6-9f70-badea1b336d4 http://www.trendmicro.com/vinfo/us/security/research-and-analysis/ predictions/2017 http://www.mcafee.com/us/resources/reports/rp-hacking-skills-shortage.pdf https://sentinelone.com/blogs/the-most-devastating-cyber-attacks-on-banks/ SELBY JENNINGS
This guide has been brought to you by Selby Jennings, part of the Phaidon International. Selby Jennings is a specialist provider of Financial Services recruitment solutions across Europe, the US, Asia and the Middle East. We believe every professional should benefit from the advice of a trusted partner throughout their career. Contact Selby Jennings for more information about career opportunities in this sector, or if you are looking to expand your team. Contact us today: www.selbyjennings.com enquiries@selbyjennings.com Enabling Exceptional Careers Selby Jennings exists to enable exceptional career around the world; we connect exceptional talent with exceptional opportunities. INDUSTRY INSIGHT

Empfohlen

Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
Self-employed
 
presentation on cyber crime and security
presentation on cyber crime and securitypresentation on cyber crime and security
presentation on cyber crime and security
Alisha Korpal
 
Cyber security-report-2017
Cyber security-report-2017Cyber security-report-2017
Cyber security-report-2017
NRC
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
krishh sivakrishna
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
Ramiro Cid
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
Leandro Bennaton
 
Cyber security
Cyber securityCyber security
Cyber security
Siblu28
 
EPM Scientific brochure - Europe
EPM Scientific brochure - EuropeEPM Scientific brochure - Europe
EPM Scientific brochure - Europe
Phaidon International
 

Empfohlen

Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
Self-employed
 
presentation on cyber crime and security
presentation on cyber crime and securitypresentation on cyber crime and security
presentation on cyber crime and security
Alisha Korpal
 
Cyber security-report-2017
Cyber security-report-2017Cyber security-report-2017
Cyber security-report-2017
NRC
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
krishh sivakrishna
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
Ramiro Cid
 
Cyber Security 2017 Challenges
Cyber Security 2017 ChallengesCyber Security 2017 Challenges
Cyber Security 2017 Challenges
Leandro Bennaton
 
Cyber security
Cyber securityCyber security
Cyber security
Siblu28
 
EPM Scientific brochure - Europe
EPM Scientific brochure - EuropeEPM Scientific brochure - Europe
EPM Scientific brochure - Europe
Phaidon International
 
How to avoid unconscious bias in job adverts
How to avoid unconscious bias in job advertsHow to avoid unconscious bias in job adverts
How to avoid unconscious bias in job adverts
Phaidon International
 
Tips for success in competency based interviews
Tips for success in competency based interviewsTips for success in competency based interviews
Tips for success in competency based interviews
Phaidon International
 
Inclusion challenges for talent with disabilties
Inclusion challenges for talent with disabiltiesInclusion challenges for talent with disabilties
Inclusion challenges for talent with disabilties
Phaidon International
 
Inclusive talent challenges for women
Inclusive talent challenges for womenInclusive talent challenges for women
Inclusive talent challenges for women
Phaidon International
 
European M&A end of year report and salary review
European M&A end of year report and salary reviewEuropean M&A end of year report and salary review
European M&A end of year report and salary review
Phaidon International
 
FIFX Equities: End of year report and Salary Survey 2017
FIFX Equities: End of year report and Salary Survey 2017FIFX Equities: End of year report and Salary Survey 2017
FIFX Equities: End of year report and Salary Survey 2017
Phaidon International
 

Weitere ähnliche Inhalte

Mehr von Phaidon International

Mehr von Phaidon International (6)

How to avoid unconscious bias in job adverts
How to avoid unconscious bias in job advertsHow to avoid unconscious bias in job adverts
How to avoid unconscious bias in job adverts
 
Tips for success in competency based interviews
Tips for success in competency based interviewsTips for success in competency based interviews
Tips for success in competency based interviews
 
Inclusion challenges for talent with disabilties
Inclusion challenges for talent with disabiltiesInclusion challenges for talent with disabilties
Inclusion challenges for talent with disabilties
 
Inclusive talent challenges for women
Inclusive talent challenges for womenInclusive talent challenges for women
Inclusive talent challenges for women
 
European M&A end of year report and salary review
European M&A end of year report and salary reviewEuropean M&A end of year report and salary review
European M&A end of year report and salary review
 
FIFX Equities: End of year report and Salary Survey 2017
FIFX Equities: End of year report and Salary Survey 2017FIFX Equities: End of year report and Salary Survey 2017
FIFX Equities: End of year report and Salary Survey 2017
 

Cyber Security in Banking: 4 trends to watch in 2017

  • 1. INDUSTRY INSIGHT CYBER SECURITY IN BANKING: 4 TRENDS TO WATCH IN 2017
  • 2. www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers Cybersecurity consistently dominates headlines; where attacks are becoming increasingly sophisticated, frequent and ambitious. From last year’s Democratic Party email leaks to the huge data breach at Yahoo, it appears no one – and no industry – is completely safe from the threat of cybercrime. Cyber Secruity is a global concern, and is causing particular concern in Asia. In 2016, Japan witnessed its largest banking hack; 14,000 ATM cash withdrawals and ¥1.8bn / $18m SGD. It is no secret that the frequency of sophisticated cyber- attacks on the banking sector has increased.Across the APAC region, the financial sector has been hit hard.There were a number of high-profile incidents in 2016 including the Bitfinex bitcoin exchange hack in Hong Kong and the Bangladesh Central Bank heist.“$81.3bn SGD Revenues lost to cyber- attacks in the Asia-Pacific region in the 12 months; of a global total of $315bn. SGD”1 . Across 2016, large scale heists took place inTaiwan, Malaysia and Thailand. Cybersecurity standards and protocols have been set up across the region, yet it remains vulnerable to attacks. With the increasing frequency of sophisticated attacks the industry is in urgent need of robust, comprehensive cyber-security programs, supported by rigorous levels of governance, risk and compliance, to avoid becoming victims of an attack. 35% of all cyber-attacks are targeted towards the banking community making it an industry priority to optimise cyber resilience and enhance incident response preparedness to protect data and mitigate risks associated with money laundering and fraud. Below are 4 cybersecurity trends we expect to see in Banking across the APAC in 2017. INTRODUCTION
  • 3. Industry Insight | Enabling Exceptional Careers 1. Chief Cybercrime Officer Many banking institutions are beginning to appreciate the gravity of the situation and are looking for some way (or someone) to tackle the issue of cybersecurity head-on. As such, a new role of Chief Cybercrime Officer (CCO) has already been advertised by many within the industry where banks are looking to appoint senior staff with daily responsibility for protection against cyberattacks. The CCO role will be task tasked with, ensuring the company is “cyber-ready”, taking responsibility for preventing breaches and taking the lead to manage problems and provide a vital link between the board members and the rest of the company. 2.Third-party vendor security A business might have the right security systems and policies in place to protect itself from a cyberattack, but does its third-party providers and supply chain have that same level of security and diligence? If the answer is ‘no’, there is another vulnerability for the business and its customers, who could find themselves victims of a cyberattack. One such example; SWIFT had been a trusted provider within the international banking industry. If you received a SWIFT message, you could be confident it was a legitimate transfer. But that was before hackers used malware to take control of SWIFT’s messaging app and send fraudulent SWIFT messages.This led to the theft of $81 million SGD from Bangladesh’s central bank. In 2017 Banks need to make third-party risk management a priority if they are to avoid similar attacks. They must find their weaknesses and tighten policies, to prevent sub-standard security measures and systems providing the gateway for major exposures. 3.The growing threat; Ransomware 2017 will see a further rise in Ransomware which often offers hackers a simple and lucrative way to make fast money. For the organizations affected, it means not just a ransom payment, but also the loss of operations, employee unease and severe brand damage. According toTrend Micro,Ransomware is predicted to grow by 25% in 20172 . Over the coming year, we will see attacks becoming more targeted and spreading into IoT devices, PoS systems, and ATMs. By encrypting data, hackers are able to demand huge sums of money from organizations. It has become a threat that many banks have to suffer in silence; if customers were alerted to the fact that a firm was infected with Ransomware,the damage to the brand would be irreparable. 4 CYBER SECURITY TRENDS IN 2017
  • 4. 4. IT security skills shortage The reality is that cyberattacks far outpace cyber-defense due to the clear shortfall in the cybersecurity workforce.There are currently more than one million cybersecurity job vacancies around the world.However,until that skills shortage is filled, the banking sector (and many others) will struggle to manage cybersecurity risks. According to a report by Intel Security, 82% of the IT decision-makers believe there is a shortage of cybersecurity skills within their organization with 71% of respondents agreeing that this shortage is doing their businesses ‘direct and measurable damage’.3 Cybersecurity recruitment For the banking sector to overcome these barriers, 2017 needs to be a year of innovative solutions and a new approach to how we build the cybersecurity workforce. Hiring talent on a temporary basis is often the only route available for under-staffed security teams. That’s why the CISO-as-a-service or virtual CISO model is taking off and we expect it to grow further throughout the year4 . • Security Director/ Manager • Cyber Risk Manager • Security Architect • Information Assurance Manager • CISO/ CSO • SOC Director/ Manager • Forensics Investigator • IT Audit • PenetrationTester • Cloud Security
  • 6. www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers $0 $50,000 $100,000 $150,000 $200,000 $250,000 Associate Analyst/Manager AVP/SrAVP VP SVP/Director Security Operations Intelligence Forensic Investigation Architecture CYBERSECURITY Cybersecurity Years Security Operations Intelligence Forensic Investigation Architecture Associate 0 - 3 $54,000 - $60,000 $54,000 - $60,000 $60,000 - $80,000 $48,000 - $60,000 Analyst/Manager 3-6 $60,000 - £80,000 $60,000 - $80,000 $60,000 - $80,000 $65,000 - $75,000 AVP/SrAVP 5-10 $80,000 - $150,000 $80,000 - $160,000 $75,000 - $150,000 $80,000 - $130,000 VP 8-15 $160,000 - $180,000 $165,000 -$200,000 $160,000 - $180,000 $140,000 - $170,000 SVP/Director 15 $180,000 - $220,000 $200,000 - $240,000 $185,000 - $220,000 $175,000 - $190,000
  • 7. www.selbyjennings.com | enquiries@selbyjennings.com Industry Insight | Enabling Exceptional Careers $0 $50,000 $100,000 $150,000 $200,000 $250,000 Associate Analyst/Manager AVP/SrAVP VP SVP/Director Risk Control Governance Risk TECHNOLOGY RISK Technology Risk Years Risk Control Governance Risk Associate 0 - 3 $54,000 - $60,000 $48,000 - $60,000 Analyst/Manager 3-6 $60,000 - $80,000 $65,000 - $75,000 AVP/SrAVP 5-10 $80,000 - $150,000 $80,000 - $130,000 VP 8-15 $160,000 - $180,000 $140,000 - $170,000 SVP/Director 15 $180,000 - $220,000 $175,000 - $190,000
  • 8. Last year we placed candidates in over 66 countries from our global office network. We were proud to be named Banking Recruitment Company of the year 2016 – Recruitment International APAC Awards (Singapore) and will continue to innovate our services to meet the changing demands of the sector. We were also named one of the 1000 Companies to Inspire Britain by the London Stock Exchange and Number 1 in the in the SundayTimesTop 100 Small Companies to Work For. If you’re interested in any specific additional data to support your business needs, or should you require specific information on general market trends, look into strategizing the position of the IT Security team internally or looking to have discussion on partnering with our team to enhance your Cyber Security mandates get in touch: Ishan.Daniel@selbyjennings.com. Please note that the above salary surveys cover a significant proportion of the market, within vastly different Investment Banks taking into account different levels of seniority. If you would like to learn more about what you should be earning or paying, specific to your individual circumstances, please do get in touch. Our Consultants in the FIFX EquitiesTeam will be happy to help: enquiries@SelbyJennings.com. Sources: https://www.ft.com/content/38e49534-57bb-11e6-9f70-badea1b336d4 http://www.trendmicro.com/vinfo/us/security/research-and-analysis/ predictions/2017 http://www.mcafee.com/us/resources/reports/rp-hacking-skills-shortage.pdf https://sentinelone.com/blogs/the-most-devastating-cyber-attacks-on-banks/ SELBY JENNINGS
  • 9. This guide has been brought to you by Selby Jennings, part of the Phaidon International. Selby Jennings is a specialist provider of Financial Services recruitment solutions across Europe, the US, Asia and the Middle East. We believe every professional should benefit from the advice of a trusted partner throughout their career. Contact Selby Jennings for more information about career opportunities in this sector, or if you are looking to expand your team. Contact us today: www.selbyjennings.com enquiries@selbyjennings.com Enabling Exceptional Careers Selby Jennings exists to enable exceptional career around the world; we connect exceptional talent with exceptional opportunities. INDUSTRY INSIGHT